93ff66f7de5092c062137c87afe2bd1cd26fa01df91e695dc1ff34326c92ce75

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09-01-2025 02:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_b874f413f8b1f63ec0aae13f1bc82ef2.html
Size

127KB
MD5

b874f413f8b1f63ec0aae13f1bc82ef2
SHA1

0a0096465d81745743f9fa59aae84d9cb8b2af8f
SHA256

93ff66f7de5092c062137c87afe2bd1cd26fa01df91e695dc1ff34326c92ce75
SHA512

5bf769d0a1265470521a346282e05dfca177cdd7df75c667189f0d277d7b087b224cc9cc21b2ff32c49c93cdeb4d09e291600d7f76b72bb3803ec2d3b0f6e54f
SSDEEP

3072:pUuCWDxYxQ2PDxYxC2T/Z1sSoEZN7Om88SefhENE/jzCqezmr3XO:pUu1DxYxQ2PDxYxC2T/ZtOm8Oq

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 3 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	msedge.exe

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 16 IoCs

pid	Process
2868	msedge.exe
2868	msedge.exe
1648	msedge.exe
1648	msedge.exe
4848	msedge.exe
4848	msedge.exe
4848	msedge.exe
4848	msedge.exe
4848	msedge.exe
4848	msedge.exe
4848	msedge.exe
4848	msedge.exe
5704	msedge.exe
5704	msedge.exe
5704	msedge.exe
5704	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe
1648	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1648 wrote to memory of 4848	1648	msedge.exe	84
PID 1648 wrote to memory of 4848	1648	msedge.exe	84
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 1788	1648	msedge.exe	85
PID 1648 wrote to memory of 2868	1648	msedge.exe	86
PID 1648 wrote to memory of 2868	1648	msedge.exe	86
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87
PID 1648 wrote to memory of 3008	1648	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_b874f413f8b1f63ec0aae13f1bc82ef2.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcd70846f8,0x7ffcd7084708,0x7ffcd7084718
  2⤵
  - Checks processor information in registry
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  PID:4848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
  2⤵
  PID:1788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2636 /prefetch:8
  2⤵
  PID:3008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4144 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:3572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
  2⤵
  PID:4784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
  2⤵
  PID:2168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
  2⤵
  PID:4384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,9230888965773502092,14842039420340055571,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=13468 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5704

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:816

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2212

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\metadata

Filesize
150B

MD5
4179c177f0ea592d3b8197a1dbb458ac

SHA1
bd2029d15b12acb12da6c62c37ae959bd6490ae9

SHA256
63d4e789684551aedb49ea33f9f41ab249865a08228f76a7d800ff0de720c622

SHA512
f71556c168940542dcb4f90edb520e441e2d4ec18231511e31ab0545a19904a22da73b90eb2dd648f6204d2ed721ce0ebdc0c8ede6f283ae066d4dd722afac96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\404be780-88fb-4f2c-b0c7-0256642dee83.dmp

Filesize
657KB

MD5
29d2c95e69bbc7119d140c3882d69e87

SHA1
1324caffe7a4be43b27c807b5ddf41aae0e4aa5b

SHA256
11b2a8ed061dfeb309307989bfdfef74bd43007bfc1517ab861054241f52e8e2

SHA512
49f96f1972a4aced66555c9bc9d1bb693eb5816437f5d4e762e1d266634b357419df3dc2b4e2b1a19ea6aa22453c626830b642267ead1848577180c4d9dd83d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6960857d16aadfa79d36df8ebbf0e423

SHA1
e1db43bd478274366621a8c6497e270d46c6ed4f

SHA256
f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32

SHA512
6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f426165d1e5f7df1b7a3758c306cd4ae

SHA1
59ef728fbbb5c4197600f61daec48556fec651c1

SHA256
b68dfc21866d0abe5c75d70acc54670421fa9b26baf98af852768676a901b841

SHA512
8d437fcb85acb0705bf080141e7a021740901248985a76299ea8c43e46ad78fb88c738322cf302f6a550caa5e79d85b36827e9b329b1094521b17cf638c015b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

Filesize
76KB

MD5
529a445cdb4d58cdda2b26d7aff38544

SHA1
d9cc10106d75ead775e0f60806206100683a498e

SHA256
77536a3c239b73aee28e90cfcbfea1b12528e15e971efa1cc17482767d10cd58

SHA512
219483c98e9586e4fc4a3a7be17dea77fd5c88588cb5a6621749dc4f24b6333daf1e14a5411cd4a3f4c0acb7d8919bae3fa8a244db8394408a5d3d54991d07da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

Filesize
76KB

MD5
3fe051a48c6033320a6cbea4862f1cd0

SHA1
8fa708ea108be14d69a3302c180754ea32290b9b

SHA256
fc0ec253e404e6fe9df34ce30e396105b61943ba23ae80d8267f260fd9525d8e

SHA512
7e46520ca179e7f4da6c65a3238f3b9f2c69bbc380bb95f7e7e7a4162b934f21577a93fea0fb916a072085d61bb9d6df7530457c8fe6b7dc5626fa88fb45a539

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050

Filesize
76KB

MD5
65aae3cf663277452fbbe14cd012a24e

SHA1
f8f5a560a5ba1474763b3df05b277f153379df49

SHA256
5d22b3683bfdafd8a49ac7348c15a27bb3c81ac34334369170f8485ae70f0418

SHA512
742c91ab29cc6b37d99fda97cd0165aef098e151b0e6abc92a8c19902e860ddbc5601c1d0bf04859872e9b61322447e9abc42d656751e659fe202103d8b1aaa2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d2

Filesize
76KB

MD5
eda8be5a899fe07ea05f59c163d2e910

SHA1
d5095a250d9f08faa19a51ac454dfead3f41a0b4

SHA256
4fd9cb9e8c8e6913217746596742f81c5b52086e51e952c171f1f61a294a7359

SHA512
1ed8028157c7946bae27b7e1eb619839e5a22e077ab48e2e2d55c0625d9f4dc51b674747f82c929225047050305cb70ab3306b67ab9c6e3e2d5dcb32a1fea9eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00011c

Filesize
76KB

MD5
3369fcd5ce89794c460e747f7fd00527

SHA1
376c9b398b12b0a44f85d228b863e463c52e55d8

SHA256
378b59972ecc4f5e13a073e79bb388d72960e8c6138dee56888d92478d86d828

SHA512
886cea8657f94a70f4d10946eb856160f79ba13b79f94fb91f839655294c566b540b2aa78269624d0809a6abaa6ac7938abd5b1a25fc75e957b6014ab77e57db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000140

Filesize
70KB

MD5
2df4fee4242fb78294f20bd597c47b49

SHA1
3d798d37462dd223454f670f5c82e71026aaffde

SHA256
59fd4f86f3a8672eb6433ce41b056fdd338dc0d28fa186ca8e80e573f87a1ef6

SHA512
8b7948c6aa936130935304b32acbf3df486f95e10f832818a6c07e2e83e4bf18591a8fc373df8b20db96bac55a692cfa2dac98290fdac75a2851a6b3de92179a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000159

Filesize
76KB

MD5
7c6ced6b5e544f1bed3a766d7a885fd6

SHA1
722242cbf3a374a18a95e4f143d96eafbb948a3e

SHA256
531819d9628fb798ffe3c2456c7df1544703ac5e847c72947f879315d5d732bd

SHA512
5a7adb53b23d6a8f1d6738f89d79842590b7e0efb948b2b0bf8adff05015ab047bb30ccfab2ca779838997798342801f2207be7e67fb81e9bd216aa54f2b2ba6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a6

Filesize
76KB

MD5
350688bcd7b60de91faa2771294a99b3

SHA1
8760b2a5be5e703e82f132163617d9a1ac174f27

SHA256
f34529005c41d2136ef450d4a4fc812dc2cdc1bd00368a5a034df38e95c07abe

SHA512
1fb3623a12aab9a785165ec3073750e6f4f0af5b25d913d0fc25022e9f480586f02496df20f90989e519bd7970ff618b52311191fcaa9738073274b9668e8635

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001ed

Filesize
76KB

MD5
07e0635a4fcc111d4b0ca9b030389419

SHA1
01a7f7d72670ec5fe681270fd43e733b75d32119

SHA256
f8c9c79c87bed55848b8cadfd00555ab1af481857683d710a12c5b54abde7456

SHA512
81d817186c044d721c2260f3cbd9329c7faef16c13149a154a7db1fee089f5677e578c00a27d6ba288d0481a22cbfa7d9d93d0e0291be84c5c489aa57d5f42a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00024f

Filesize
76KB

MD5
3f3eae194c62fcca555a91571017c65a

SHA1
49e05d141493c33586cb7091e48822b5fc667be7

SHA256
274e6f7e11df84fd38f24667d8548e1f5bdb91197cfb3ac15baf986a3d3c8435

SHA512
9a4d4f3fc17e20aeabd145ebbfbc563487d6900aa3809df123af2004a085fa8715941a2c4e2b7bc06542653329fa28d2c8db2991115360c76488c085a02a5bbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000287

Filesize
76KB

MD5
d2a4666c4d7738fcda528173af2e3e91

SHA1
add9e6ba6fc75b61a9e0660e28cb1a1c6b2de55d

SHA256
0c27036f008d6be35a58f9c09146ca88d474a3df314ac0cd80b60fa1a240e531

SHA512
f162c032a51aced7ef7b18e106674e2b96b1a6f57ac55962ef4b15dff5ad77508ff2efa1c99be32f413865322a9c9a99aa45d4a2df22646da1b8365a60978aca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000291

Filesize
76KB

MD5
9531d43843c140edb35c345a0d7cbaae

SHA1
da749312c029acd43a6c0e15d95f70669755597d

SHA256
390f803b59b91cfc96840c0340f02c09552c2a60a38b1d5f1f7e2a52b8b7b889

SHA512
f9156020991257103cb9128a145e8c3d2fcc8204798959f8fb3f48fa326547c7011407239025198a90df74e94fc85c70ecae98b1b77fab82f8d13d27581f881c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d1960d8536b0ee0_0

Filesize
207B

MD5
cf91e844d06a6d2981746b371267d4ce

SHA1
e1659a7723eed8d565d8343847cdd2182760abf0

SHA256
273a50a9a3dfecb0da89032dd8d7af0ec97c5189b8e115219834617fd8479a23

SHA512
2bcbff4ed39f4133d78c414d3075d13fd8d58986393591b3448e60eb8e7cac37e6aa4f86a07984577a990c0b0b0c3a1d1b1b87c7eadffb5516a7390c0c31c381

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
674f126780c1c2d11f93658a99301778

SHA1
02186ef75ce50502b7fe053e488ed2805d3b01f9

SHA256
471b47b4a440da58284ddc5aeeef6b1ca9049b2cd90d54ffbc95e41860cf4b38

SHA512
c28b498ca327f73ff975e11dfa91a5c6468308b82d2ba4010ea377d8ff3ba0ded9e8a0aa85203894dbf28e357e87b5bd1669867e409d14dc21e24d36334bca52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
efc49a9466b58bb05cb01419eac6ce46

SHA1
993ee0935b0dc422b17a8f23711c5a0e2faa78b8

SHA256
344784306997465104f2f4de45082dc70083e35c8a9ef5fcab1ab264669f0768

SHA512
7cacab4e71639e734f037c0b38cf64fd1afb339d5efd7a8c5b28b4e1a1e456c97834872bf60438b3f650418283a37a37eca981e96cc43cb5871d616703fbc772

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
4cb00283f28d0e9d0eb91852367c7b24

SHA1
31af3b0fb846ac04d3bee3f9e2c9dcaae6508b5a

SHA256
20cdba7ac44e7db02ad572b9f3f3d832709f5f031d3dc8dd93b13d3fcd686bbb

SHA512
faf36c049a54126c07d170946f97ba538599317cf55121ef7f7b53b2a4223e508a1047d26a0adfc8cc730d6dba01d76ade93e51300c4732742a63d27541ba68c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
7817c84a7b65c2970723e96a1b7630d3

SHA1
651fa55378a56e660755fefca3e191e0be09baa0

SHA256
3255a8ca9e69cd6f4095742994437449da30404ccf87ae0da63f11c9ba31f5ea

SHA512
b967fcb044030ba1b1d946244e9b9a65cfca4ac7a458672f212d862fcfe45f6d40cef05f5ac3f5e8c06ee8bd62018ebb07d91513a8fc46f469becc0b422a1355

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
95033dc6cece1ae59be926c0baa99e2d

SHA1
ece08cd12a7d15621356ae665ace95cee02fb520

SHA256
6bf471c891bc120fafccaf358ce1c472ba53e7654642fd81c45090fc5fb28108

SHA512
8581e7526a8fb59032378ddfac83ae10de3b79b39b11180c52a01d669bbf8459af75287ca1f0660426e6fea1951e29d326a8ebbf9d6aaeba89d872684c5384fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
616c8a11d9549c9d8d71a50e9ca8f878

SHA1
bfb3cc5bfac006e74eaa3e975a10c6c3bb8c84f3

SHA256
23617350a37d5374b16ecab7a66c1a92add92eb4e35217fdae810af4d324b34c

SHA512
a43ed901808511a35fee8035fb6ef233939a7bdce72952d46f8fee1f955d0607ece26720f1927ae28800a887f8c5c7907b65e2cec6a33aa92501c081d4c144ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
988b2eed61d5433c2b15dc75b9eeffff

SHA1
6b3d299825855381fe031c9dff34a9df0389b532

SHA256
aa9436eae1ad743b6256a9c35e2aa941357330fbd8856d8005b2771b8094358d

SHA512
bfd63d4fed1cd7ebf2a10a3069d862eea79d5de2a08f5b9d2d9701a46acf9afd8a9d4982b830e27206cf405c447531e04defe627e1e5851733e641eb64747668

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
cd3e166381bbf3532f2890af279a31d6

SHA1
a265ad029bfad3eb892a0c65e1ad649cf288ad3f

SHA256
ce7010bd3751dbd07f73abb46bd81a83173db595cfd607d00a051514bcbea0c6

SHA512
afa5ce559c7838008a0afcf117d49b48a66c91a174f8856bb93e8bb0ee0a6172a008d4b82071f04d8ec2dbe9d7f8655f66991d81705359fa06f81b289b020bbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
90aafe6de82794b8220f6c6dd84e90b5

SHA1
07d48fcf3535413785d4d852e41bdeb21e426720

SHA256
db25252ed2041714361fcad6d86339858c2bc9f14acb8c358ab7d45b3f3070c7

SHA512
7ca7a0f09fde52ef42e4fad0792ab99b477f846816cbb3d79121cb4ba5c10e3f1288ae4a9e576e91aaee71c2b9addaa5818d716f3d3d65282be5519025d0b291

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
535B

MD5
73a916c7912d4c90291e9037787d54ac

SHA1
000533922505ea2d6bee4b2b025389140efdd966

SHA256
6e3e17ec50471b571513b697f50f6a50c4eef97a9b89716c86749ee893846bb5

SHA512
8563ce2f0c31116d57fbe9ec5db9790c13aa7d13e0a14622923f4476964442cc810033121267210e32ad74501622beb77867a5e471d3512f33552e62bc338276

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
535B

MD5
7138414afed8d5351487f0c0fc54bc47

SHA1
0b0f2c98756f2a8252d1b321ca3b469d416cb63a

SHA256
5ba27f7b0e10d4f5347afd14dab3cf653850deb0a7f51ae4c924ef0a3be2d7d9

SHA512
49916b382616a1c7f4c6372a38d26dc3f0b6d3820f17a2e04b965d83b7e589187213ef3a9844d9c59107abaf38eceb195d2fc40de62b1b26aca9390618ee008c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
535B

MD5
97832c31d73d17bce6d69302d0b6d09c

SHA1
fc1910ae7701f98f42adddb68256d05c6ea0f821

SHA256
e4b4234cd60ddc97541f108f6ba934a868b9a1193887c52219ca3318d457f090

SHA512
17fec917bbb6774e31a031822f1f9b4779e53708f291bd674ab1299ceb777f47348639d7ff594feed6a001125e401b2a45aeca7fd4d37ead0e5f0f79eee93782

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
4ec0e6b8ca82b33833ddac9e3026433b

SHA1
ae3a8c4d2525494463adf29eee7b78d22c119a9c

SHA256
6f85e6ab4a0868ef12702bc47d9d7a9ddd7af2b6ab7179f22191c90bf2d3197e

SHA512
d0bd16a3d1d7b106f4671e258bb113a605fcca0b6630db5d7327b1fd4a7d1d9c3eb85364f592df5263728b342f0c1957753fd938076d1c97bdf732ae86a456a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
535B

MD5
d604b902bc4c4034f7cdc24ed2a1ee34

SHA1
9c7fdf7a768d90599d3baa3bb087b8c55803da58

SHA256
bd1bf548b9646647a821c1682f868232c8fae7344e50087d6508fc427058fdbd

SHA512
6019aaa7f4f9e7b9baa860d4694c268815374bcd4cec6b816f00e1010d40779648240e34cb8526f0d6b131aae578605f1e3a818a4d0b324cab1650ef72ba5c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
a8261cc0d218e53386d49e54a0ae655f

SHA1
723e04dd616a238598d705fa2e215ca0302c8f75

SHA256
e6c0d511d1343438643e9d48f20992feab0ea85733aedf41e750f75f5cce9132

SHA512
a9e6d6f85f1e9b7b3d3df593446e487930cbf85fdf821a961bc6a58a99a4d54d31efd090e77df197292541ff3900d365aadb24a38c613da7e4d82f909a7f5415

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
016ad2a8352bfbd979ef68fe710825d4

SHA1
68549cc51716f992568c27a4bdcc82b193930245

SHA256
faf2d0d4527214b579905be7dc0e5bcc3c6498fbe5410444aed4575d0452c606

SHA512
a6248d4e327535f93f678ea3687c45bf8f421c38f3336590afbac6e0a808f725a47a7ac04a80a15844c2b413ce7aafc700ad9b015afb36e79eabe62a4cf2cd2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
881556acab814161068d4e9831a96451

SHA1
38946f8abf4f51ee94030d0d2aa5b57a81ab6ae7

SHA256
dc7ae53abff01ff4f387547275ea893d3c83ff31c92d6697f2b678ec11ff95bd

SHA512
5e6abb8444612a02583b2740aa27739890535ec527224708bc421eca0b67ea7caca4eaa105444a61ed6d9e18be2bb982c3e36df8a185f6d540f065ab67286bed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f165.TMP

Filesize
537B

MD5
65e0f49753c4e61225e4827d69d3327f

SHA1
f63118049ce7e6e1e6b43cd70ad5eb4ab690e01f

SHA256
0fa3b3a238a37947763ddb6aff38c12e743b228aaa7879e12a6194feb5ba6969

SHA512
ee66d734b02a3cdf6042ba144a2c6c0aeba47895bca2d2e407bd8321401e526d09fb4e03801a8c24ce59676503abd6bc48a6342ecb6f7d02e9e2dcee1d67d05a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
b6b4732aef975ad43f64fed14aa84594

SHA1
e1c7e4c0e0bf62ee1af0464324640f9842bc7394

SHA256
2d8eda63f83e6362e3278ca7160740966d236919298b32fe6ab4cea7b1062b90

SHA512
d912fa6250d444d4765106e22674efd3a0e2255ee378b6dbb07b36fd62aab8d3250438a5c8c97cd61277773ee4e2423a08c2a88867b0f8067f1c0ac5a0f74496

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
631bcea20fbd03ebbdb6f375ebdbc35f

SHA1
f75495c5c926a177c1fe2c8b0c85a7c180f8540f

SHA256
5fca2356e52058c2e09df25797db57465c78401b751722da46d50fc3fd0d4b5e

SHA512
b013d978dae09be1cf1184b12a072485a6b654510f6bed8e9d8222c524691e45931fc00e40e17ea619d988ac17dd3eac009f25b11af1d645e13cdb14d8502597

Download Submit